using Admin2025.Domain.Entities.App;

namespace Admin2025.Application.Services;

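/// <summary>
/// Evaluates row-level (data-scope) permissions for application users.
/// </summary>
public class DataPermissionService
{
    /// <summary>
    /// Determines whether <paramref name="user"/> may access a record owned by the
    /// department <paramref name="dataOwnerDeptId"/>.
    /// </summary>
    /// <remarks>
    /// Access is deny-by-default: the method returns <c>true</c> only when one of the
    /// user's roles explicitly grants it. Role data scopes are "All", "Department" and
    /// "Self"; only the first two are evaluated here. A "Self" scope never grants
    /// access through this method, because the record owner's user ID is not among
    /// the parameters.
    /// </remarks>
    /// <param name="user">The user requesting access.</param>
    /// <param name="dataOwnerDeptId">ID of the department that owns the record.</param>
    /// <returns>
    /// <c>true</c> if a role has scope "All", or has scope "Department" and the user's
    /// department equals <paramref name="dataOwnerDeptId"/>; otherwise <c>false</c>.
    /// </returns>
    public bool HasDataAccess(AppUser user, Guid dataOwnerDeptId)
    {
        // Fail closed: a missing user or role collection grants nothing, rather than
        // surfacing as a NullReferenceException in the middle of an authorization check.
        if (user is null || user.Roles is null)
        {
            return false;
        }

        foreach (var role in user.Roles)
        {
            if (role is null)
            {
                continue;
            }

            // Scope names are compared exactly (case-sensitive); any other value,
            // including null, falls through and grants nothing.
            if (role.DataScope == "All")
            {
                return true;
            }

            // NOTE(review): if an unassigned department is represented as Guid.Empty on
            // both sides, this comparison would match - confirm callers never pass an
            // unset department ID.
            if (role.DataScope == "Department" && user.DepartmentId == dataOwnerDeptId)
            {
                return true;
            }
        }

        // No role granted access.
        return false;
    }
}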